Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/SopY6ZWS_zSvVdJ9S_7T2LdpBOc.roa
File: SopY6ZWS_zSvVdJ9S_7T2LdpBOc.roa (raw, json)
Hash identifier: R2CNWd8z+13gfjTHMhQx1RDxnIJ67GFa1Df1tprgfYQ=
Subject key identifier: 4A:8A:58:E9:95:92:FF:34:AF:55:D2:7D:4B:FE:D3:D8:B7:69:04:E7
Certificate issuer: /CN=dd64166a91179308f253a9175616ccc6828c4463
Certificate serial: 01978169B50BDFA14E09A9786F695643B91B
Authority key identifier: DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/SopY6ZWS_zSvVdJ9S_7T2LdpBOc.roa
Signing time: Wed 18 Jun 2025 05:01:17 +0000
ROA not before: Wed 18 Jun 2025 05:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202660
IP address blocks: 92.63.206.0/24 maxlen: 24
92.63.207.0/24 maxlen: 24
109.94.172.0/24 maxlen: 24
185.100.52.0/22 maxlen: 22
198.163.206.0/24 maxlen: 24
198.163.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Jun 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:69:b5:0b:df:a1:4e:09:a9:78:6f:69:56:43:b9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd64166a91179308f253a9175616ccc6828c4463
Validity
Not Before: Jun 18 05:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a8a58e99592ff34af55d27d4bfed3d8b76904e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4e:97:37:d0:90:ab:38:30:cf:2e:3a:34:2d:
10:8b:ac:11:75:56:8e:41:5d:fe:79:5f:42:a0:ee:
59:55:ea:78:c8:3f:06:cf:43:e6:3e:48:95:5d:a0:
8a:e7:a1:4e:2d:54:01:1d:03:37:cc:d2:6c:ed:b3:
2e:27:11:c9:3b:84:f8:7d:61:bd:0b:fe:88:8f:6f:
4d:c1:36:10:f8:c2:97:88:ac:e8:93:eb:57:b3:15:
fc:07:fa:c9:8c:ff:8a:2e:15:bb:07:85:1c:39:80:
5b:1e:2f:15:36:9d:f9:48:26:09:d9:d0:5e:69:96:
ba:a2:d1:06:f8:88:f5:9a:77:08:a3:7a:de:2f:95:
ad:eb:82:52:a9:86:0b:aa:16:7d:53:73:06:fa:c3:
d3:8c:46:df:89:ee:20:8c:4f:b2:86:9f:8b:17:7a:
7e:81:34:3d:f9:5d:72:74:a7:61:4e:df:85:3d:d9:
46:3a:85:40:c4:4f:d9:d9:6d:e8:c3:0e:7a:f4:0a:
98:05:d9:09:f5:28:5f:fe:2a:71:b8:29:57:df:6b:
8d:a1:50:9d:66:dd:0b:10:4b:32:50:ba:25:64:41:
74:38:ae:b5:5f:0d:b0:fd:43:51:15:40:0c:90:02:
38:bd:b4:74:7c:ad:62:bf:ec:51:ac:47:7d:e3:f9:
a9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8A:58:E9:95:92:FF:34:AF:55:D2:7D:4B:FE:D3:D8:B7:69:04:E7
X509v3 Authority Key Identifier:
keyid:DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/SopY6ZWS_zSvVdJ9S_7T2LdpBOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.206.0/23
109.94.172.0/24
185.100.52.0/22
198.163.206.0/23
Signature Algorithm: sha256WithRSAEncryption
37:d3:46:f6:62:ea:20:88:04:e4:8c:9f:cf:b0:00:c9:e4:6e:
52:eb:5c:65:ae:14:95:4e:df:b7:72:93:39:c9:8c:16:63:9c:
3c:3e:eb:d5:34:36:53:55:9f:83:5d:ef:53:df:70:c6:76:10:
3f:c5:67:5f:c0:28:1e:04:34:e5:6d:48:28:7d:98:53:4e:be:
a3:3e:fe:62:e8:dc:26:a2:e1:9a:72:87:67:20:d9:f0:2f:ac:
76:d8:7e:e1:9e:27:be:3e:56:06:89:88:1c:64:74:60:78:2d:
38:a2:cc:98:b7:57:7b:4c:19:0e:ab:6b:fd:11:cb:89:e7:c0:
1b:7b:37:4e:9f:75:25:40:8f:df:f8:3d:84:5e:18:55:aa:b8:
43:e5:37:9f:8c:52:b5:05:10:84:a3:69:f2:f0:92:f3:d5:5f:
e1:c6:26:44:2b:42:26:72:bd:c6:8b:ae:6c:e4:c4:a3:aa:e5:
48:dc:a9:4d:12:eb:6f:ed:ee:69:b7:a8:bf:64:93:4c:4d:c7:
ba:cc:1f:d7:2e:76:5a:5d:9d:8f:97:fc:0e:58:4e:37:e5:94:
25:d9:5e:e5:81:c4:1f:e1:23:e2:d1:18:c5:e9:3c:eb:82:7a:
e6:39:48:4c:89:54:60:8b:b8:42:15:41:3a:dc:b4:83:5f:4f:
cd:34:1b:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeBabUL36FOCal4b2lWQ7kbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQxNjZhOTExNzkzMDhmMjUzYTkxNzU2MTZjY2M2ODI4
YzQ0NjMwHhcNMjUwNjE4MDUwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThhNThlOTk1OTJmZjM0YWY1NWQyN2Q0YmZlZDNkOGI3NjkwNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4U6XN9CQqzgwzy46NC0Qi6wRdVaO
QV3+eV9CoO5ZVep4yD8Gz0PmPkiVXaCK56FOLVQBHQM3zNJs7bMuJxHJO4T4fWG9
C/6Ij29NwTYQ+MKXiKzok+tXsxX8B/rJjP+KLhW7B4UcOYBbHi8VNp35SCYJ2dBe
aZa6otEG+Ij1mncIo3reL5Wt64JSqYYLqhZ9U3MG+sPTjEbfie4gjE+yhp+LF3p+
gTQ9+V1ydKdhTt+FPdlGOoVAxE/Z2W3oww569AqYBdkJ9Shf/ipxuClX32uNoVCd
Zt0LEEsyULolZEF0OK61Xw2w/UNRFUAMkAI4vbR0fK1iv+xRrEd94/mpKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEqKWOmVkv80r1XSfUv+09i3aQTnMB8GA1UdIwQY
MBaAFN1kFmqRF5MI8lOpF1YWzMaCjERjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRV2FwRVhrd2p5VTZrWFZoYk14b0tNUkdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYTQ4OWItOWQ5ZS00ZjZhLTg3Yzct
NzRkZTI1OGE3NmY4LzEvU29wWTZaV1NfelN2VmRKOVNfN1QyTGRwQk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYTQ4OWItOWQ5ZS00ZjZhLTg3YzctNzRkZTI1OGE3NmY4
LzEvM1dRV2FwRVhrd2p5VTZrWFZoYk14b0tNUkdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBXD/OAwQA
bV6sAwQCuWQ0AwQBxqPOMA0GCSqGSIb3DQEBCwUAA4IBAQA300b2YuogiATkjJ/P
sADJ5G5S61xlrhSVTt+3cpM5yYwWY5w8PuvVNDZTVZ+DXe9T33DGdhA/xWdfwCge
BDTlbUgofZhTTr6jPv5i6NwmouGacodnINnwL6x22H7hnie+PlYGiYgcZHRgeC04
osyYt1d7TBkOq2v9EcuJ58AbezdOn3UlQI/f+D2EXhhVqrhD5TefjFK1BRCEo2ny
8JLz1V/hxiZEK0Imcr3Gi65s5MSjquVI3KlNEutv7e5pt6i/ZJNMTce6zB/XLnZa
XZ2Pl/wOWE435ZQl2V7lgcQf4SPi0RjF6TzrgnrmOUhMiVRgi7hCFUE63LSDX0/N
NBs3
-----END CERTIFICATE-----
Generated at Sun Jun 22 10:02:23 2025 by rpki-client